dwmetz / PSHero Public

Notifications You must be signed in to change notification settings
Fork 8
Star 36

PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.

36 stars 8 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 10 Commits
ADUserCredentialsCheck.ps1		ADUserCredentialsCheck.ps1
AxCollect.ps1		AxCollect.ps1
Bitlocker.ps1		Bitlocker.ps1
ChromeExtensions.ps1		ChromeExtensions.ps1
Connect-ExchangeOnline.ps1		Connect-ExchangeOnline.ps1
ExchangeOnline.ps1		ExchangeOnline.ps1
GetComputer.ps1		GetComputer.ps1
HostAlive.ps1		HostAlive.ps1
IRMemPull.ps1		IRMemPull.ps1
NonAttribSSH.ps1		NonAttribSSH.ps1
PSHero.ps1		PSHero.ps1
PSession.ps1		PSession.ps1
Parse-EmailHeader.ps1		Parse-EmailHeader.ps1
README.md		README.md
SadPhishes.ps1		SadPhishes.ps1
UnixTime.ps1		UnixTime.ps1
screenshot.png		screenshot.png

Repository files navigation

PSHero

Powershell scripts for DFIR and automation

@dwmetz https://dwmetz.github.io/

Contents:

18-May-2020

Added PSHero.ps1 - PSHERO POWERSHELL MENU

PSHero.ps1 and scripts related to PSHero should ideally be placed in the same directory. Be sure to update the paths in PSHero.ps1 to match to your local directory.
Always check the supplemental scripts to see if customization is necessary.

15-May-2020

ADUserCredentialsCheck.ps1 - Script by Tim Buntrock - check user/pass from csv
AxCollect.ps1 - [O365] - grants an examiner read access to O365 mailbox
ChromeExtensions.ps1 - retreives the Google Chrome extensions and their ID's for a specified user
HostAlive.ps1 - get an auditory alert when a host comes online
SadPhishes.ps1 - [O365] Collin Edwards brilliant O365 search and destroy tool
UnixTime.ps1 - converts a unix time value to human readable

About

PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.

Report repository

Releases 1

PSHero Menu Latest

Packages

No packages published

Languages

PowerShell 100.0%